XCCC: Configuring Secure Conferencing Capabilities for Computers Located in a Child Domain (252789)


The information in this article applies to:

  • Microsoft Exchange 2000 Conferencing Server
This article was previously published under Q252789

SUMMARY

If a conferencing server is installed and running on a child domain controller (DC) or member server in a child domain, and needs to be able to host secure conferences, an administrator must follow the procedure in the "More Information" section to allow the root domain Certificate Authority (CA) to issue certificates to the computers that are located in the child domain.

MORE INFORMATION

  1. Log on as a domain administrator, and start Active Directory Sites and Services on the parent DC.
  2. On the View menu, click Show Services Node.
  3. Click the Public Key Services container in the Scope pane, and expand it to see the nodes that it contains.
  4. Click the Certificate Templates container in the Scope pane.
  5. Click the Machine template in the Results pane.
  6. Right-click the Machine template, and then click Properties.
  7. On the Machine Properties page, click the Security tab, and then click Add.
  8. On the Select Users, Computers, or Groups page, click the appropriate child domain from the Look in list.
  9. In the Groups list, click Domain Computers, click Add, and then click OK.
  10. On the Machine Properties page, click Domain Computers for the child DC.
  11. Under the Allow column, click to select the Enroll check box, and then click OK.
  12. In the Results pane, click the User template.
  13. Right-click the User template, and then click Properties.
  14. On the User Properties page, click the Security tab, and then click Add.
  15. On the Select Users, Computers, or Groups page, click the appropriate child domain from the Look in list.
  16. In the Groups list, click Domain Users, click Add, and then click OK.
  17. On the User Properties page, click Domain Users for the child DC.
  18. Under the Allow column, click to select the Enroll check box, and then click OK.
  19. Quit Active Directory Sites and Services.
This procedure enables secure conferencing for both parent and child DCs, as well as their respective member servers.

When the Exchange 2000 Conferencing Server is installed, it creates an AutoEnrollment object that requests a machine certificate for its own use. If you install the Exchange 2000 Conferencing Server before you perform the preceding procedure, you must issue a manual request for a machine certificate.
Modification Type:MinorLast Reviewed:4/25/2005
Keywords:kbhowto KB252789
©2004 Microsoft Corporation. All rights reserved.